<?php

// COPYRIGHT DawciuPotter.pl 2012
// ALL RIGHTS RESERVED

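// Load the site core first. Nothing used below (iADMIN, THEMES, redirect(), the
// database helpers) is defined in this file, so it presumably comes from here.
require_once "../maincore.php";

// Admin-only page: everything below changes member records and stores uploads.
// NOTE(review): only the iADMIN flag is checked here. Confirm whether this panel
// should also require a per-panel right or the admin session token used by the
// rest of the installation.
if(!iADMIN){
	redirect("../index.php");
	// Do not depend on redirect() ending the request: stop explicitly so that no
	// code below can run for a visitor who is not an administrator.
	exit;
}

require_once THEMES."templates/header.php";

// Module helpers. getRangi(), called further down, is presumably defined here.
require_once "core.php";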

// Rank list for the two rank <select> boxes: key is the value kept in the
// database, element is the label shown to the administrator.
$rangi = getRangi();

// Ready-made <option> list built from the same data. Nothing visible in this file
// reads $rangiselopt afterwards; the edit form renders its own options.
// NOTE(review): keys and labels are written into markup unescaped, which is only
// safe while getRangi() returns fixed, project-defined values. Confirm in core.php.
$rangiselopt = "";
foreach ($rangi as $key => $element) {
	$rangiselopt = $rangiselopt."<option value='{$key}'>{$element}</option>";
}

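opentable("Oazowicze - admin");

// Routing parameters are read once, behind isset()/is_string() guards. Record ids
// are accepted only as plain digit strings and cast to int, so the same value is
// safe in the SQL below and when it is echoed back into links and form actions.
// (is_numeric() also accepts forms such as "1e3" or " 5", and it was not applied
// at all to ?edit= when ?set=add was present.)
$set_mode = (isset($_GET['set']) && is_string($_GET['set'])) ? $_GET['set'] : "";
$edit_id = (isset($_GET['edit']) && is_string($_GET['edit']) && preg_match("/^[0-9]+$/D", $_GET['edit'])) ? (int)$_GET['edit'] : null;
$delete_id = (isset($_GET['delete_pic']) && is_string($_GET['delete_pic']) && preg_match("/^[0-9]+$/D", $_GET['delete_pic'])) ? (int)$_GET['delete_pic'] : null;

if($delete_id !== null){
	// Reset the member's photo to the placeholder (the stored file is left on disk).
	// NOTE(review): this state change is triggered by a plain GET link and carries
	// no request token. Consider moving it to POST behind whatever anti-forgery
	// mechanism the installation provides.
	$query = dbquery("UPDATE `".DB_PREFIX."oazowicze` SET `zdjecie` = 'default.jpg' WHERE `id` = '".$delete_id."' LIMIT 1");
	redirect("admin.php?edit=".$delete_id);
}elseif($set_mode == "add" || $edit_id !== null){
		if(isset($_POST['submit'])){
			// Free-text fields go through stripinput(), the PHP-Fusion input filter
			// loaded with maincore.php, before they are placed in any SQL string.
			// dbquery() takes a finished SQL string; if the database layer offers
			// bound parameters, prefer those.
			$fields = array('imie' => "", 'nazwisko' => "", 'urodziny' => "", 'plec' => "", 'user_name' => "");
			foreach($fields as $name => $unused){
				if(isset($_POST[$name]) && is_string($_POST[$name])) $fields[$name] = stripinput($_POST[$name]);
			}

			$err_list = "";
			if($fields['imie'] == "") $err_list .= "<br />Brak imienia";
			if($fields['nazwisko'] == "") $err_list .= "<br />Brak nazwiska";
			if($fields['urodziny'] == "") $err_list .= "<br />Brak urodzin";
			// Gender is a closed set: 0 or 1, matching what the form reads back.
			if($fields['plec'] !== "0" && $fields['plec'] !== "1") $err_list .= "<br />Brak plci";

			// Ranks must be one of the keys offered in the <select> boxes.
			$odb_ranga = (isset($_POST['odb_ranga']) && is_string($_POST['odb_ranga']) && isset($rangi[$_POST['odb_ranga']])) ? $_POST['odb_ranga'] : null;
			$ozk_ranga = (isset($_POST['ozk_ranga']) && is_string($_POST['ozk_ranga']) && isset($rangi[$_POST['ozk_ranga']])) ? $_POST['ozk_ranga'] : null;
			if($odb_ranga === null || $ozk_ranga === null) $err_list .= "<br />Nieprawidlowa ranga";

			// Birthday arrives as DD-MM-YYYY. Only digits are accepted and the date
			// must exist, so mktime() never sees missing or non-numeric parts and the
			// error text can no longer echo raw request data.
			$urodziny = 0;
			if(!preg_match("/^([0-9]{1,2})-([0-9]{1,2})-([0-9]{4})$/D", $fields['urodziny'], $temp) || !checkdate((int)$temp[2], (int)$temp[1], (int)$temp[3])){
				$err_list .= "<br />Zly format daty urodzin";
			}else{
				$urodziny = mktime(0, 0, 0, (int)$temp[2], (int)$temp[1], (int)$temp[3]);
				if(!is_numeric($urodziny)) $err_list .= "<br />Err. gen date 0: ".$temp[1]." 1: ".$temp[2]." 2: ".$temp[3]." $urodziny";
			}

			if($err_list == ""){

				// 0 = no problem, 1 = bad name, 2 = too large, 3 = not an allowed image,
				// 4 = dimensions too large, 5 = file could not be stored.
				$error = 0;

				$photo_file = "";
				if(isset($_FILES['zdjecie']) && is_string($_FILES['zdjecie']['name']) && is_string($_FILES['zdjecie']['tmp_name']) && !empty($_FILES['zdjecie']['name'])){
					if(is_uploaded_file($_FILES['zdjecie']['tmp_name'])){
						$photo_types = array(".gif",".jpg",".jpeg",".png");
						$photo_pic = $_FILES['zdjecie'];
						$photo_name = stripfilename(str_replace(" ", "_", strtolower(substr($photo_pic['name'], 0, strrpos($photo_pic['name'], ".")))));
						$photo_ext = strtolower(strrchr($photo_pic['name'],"."));
						$photo_dest = IMAGES."oazowicze/";
						// Inspect the temporary file before anything is written to the
						// web-served folder. The extension alone says nothing about the
						// content, so the decoded type must also be GIF, JPEG or PNG.
						$imagefile = @getimagesize($photo_pic['tmp_name']);
						if (!preg_match("/^[-0-9A-Z_\.\[\]]+$/i", $photo_name)) {
							$error = 1;
						}elseif ($photo_pic['size'] > $settings['photo_max_b']){
							// The original compared an undefined $photo_size, so the
							// size limit was never enforced.
							$error = 2;
						}elseif (!in_array($photo_ext, $photo_types, true)) {
							$error = 3;
						}elseif ($imagefile === false || !in_array($imagefile[2], array(IMAGETYPE_GIF, IMAGETYPE_JPEG, IMAGETYPE_PNG), true)) {
							$error = 3;
						}elseif ($imagefile[0] > $settings['photo_max_w'] || $imagefile[1] > $settings['photo_max_h']) {
							$error = 4;
						} else {
							// Server-chosen name; the client's file name is never used as a
							// path. uniqid() is for collision avoidance only (md5(time())
							// repeats within one second), not for secrecy.
							$photo_file = md5(uniqid("", true)).$photo_ext;
							if(move_uploaded_file($photo_pic['tmp_name'], $photo_dest.$photo_file)){
								// Owner-writable only; 0666 left the file world-writable.
								chmod($photo_dest.$photo_file, 0644);
							}else{
								$error = 5;
								$photo_file = "";
							}
						}
					}
				}
				// A rejected upload was silently ignored before; say so, then continue
				// saving the record with the placeholder picture as the original did.
				if($error != 0) echo "Zdjecie odrzucone (kod bledu: ".$error.")<br />";

				// Optional link to a site account, looked up by (filtered) user name.
				$user_id = 0;
				if($fields['user_name'] != ""){
					$user_row = dbarray(dbquery("SELECT `user_id` FROM `".DB_USERS."` WHERE `user_name` = '".$fields['user_name']."'"));
					if(is_array($user_row) && isset($user_row['user_id'])) $user_id = (int)$user_row['user_id'];
				}

				$photo_value = ($photo_file != "" ? $photo_file : "default.jpg");

				if($set_mode == "add"){
					$query = dbquery("INSERT INTO `".DB_PREFIX."oazowicze` (`imie`, `nazwisko`, `urodziny`, `odb_ranga`, `ozk_ranga`, `user_id`, `zdjecie`, `plec`)
									VALUES ('".$fields['imie']."', '".$fields['nazwisko']."', '".$urodziny."', '".$odb_ranga."', '".$ozk_ranga."', '".$user_id."', '".$photo_value."', '".$fields['plec']."')");
					echo "Dodano";
				}elseif($edit_id !== null){
					// The form sends zdj=no_pht when the record already has a picture;
					// in that case the zdjecie column is left untouched.
					$keep_photo = (isset($_POST['zdj']) && $_POST['zdj'] === "no_pht");
					$query = dbquery("UPDATE `".DB_PREFIX."oazowicze` SET `imie` = '".$fields['imie']."', `nazwisko` = '".$fields['nazwisko']."', `urodziny` = '".$urodziny."', `odb_ranga` = '".$odb_ranga."', `ozk_ranga` = '".$ozk_ranga."', `user_id` = '".$user_id."', ".(!$keep_photo ? "`zdjecie` = '".$photo_value."'," : "")." `plec` = '".$fields['plec']."' WHERE `id` = '".$edit_id."' LIMIT 1");
					echo "Zedytowano";
				}

			}else{
				// Holds only fixed messages and digits from the date check.
				echo $err_list;
			}
		}else{
			// Empty defaults for "add"; replaced by the stored row when editing.
			$result = array('imie' => "", 'nazwisko' => "", 'urodziny' => 0, 'plec' => 0, 'ozk_ranga' => null, 'odb_ranga' => null, 'user_id' => 0, 'zdjecie' => "");
			if($edit_id !== null){
				$row = dbarray(dbquery("SELECT * FROM `".DB_PREFIX."oazowicze` WHERE `id` = '".$edit_id."'"));
				if(is_array($row)) $result = $row + $result;
			}
			$urodziny = "";
			if($result['urodziny'] != null && $result['urodziny'] > 0){
				$urodziny = date("d-m-Y", $result['urodziny']);
			}else{
				$urodziny = "DD-MM-YYYY";
			}
			$uname = "";
			if($result['user_id'] != null && $result['user_id'] > 0){
				$temp = dbarray(dbquery("SELECT `user_name` FROM `".DB_USERS."` WHERE `user_id` = '".(int)$result['user_id']."'"));
				if(is_array($temp)) $uname = $temp['user_name'];
			}
			// Escape everything that goes into an attribute value, including rows
			// saved before input filtering was added. double_encode is off so values
			// already stored as entities are not encoded twice. A single-byte charset
			// is passed on purpose: only the ASCII metacharacters are rewritten, so the
			// call cannot fail on the site's real charset, which is not visible here.
			$out = array();
			foreach(array('imie', 'nazwisko', 'zdjecie') as $name){
				$out[$name] = htmlspecialchars((string)$result[$name], ENT_QUOTES, 'ISO-8859-1', false);
			}
			$out['uname'] = htmlspecialchars((string)$uname, ENT_QUOTES, 'ISO-8859-1', false);

			echo "<form enctype='multipart/form-data' action='admin.php?".($edit_id !== null ? "edit=".$edit_id : "set=add")."' name='add' method='post'>\n";
			echo "<table>\n";
			echo "<tr><td>Imie*</td><td width='50%'><input type='textbox' name='imie' maxlength='255' width='100%' class='textbox' value='".$out['imie']."' /></td></tr>\n";
			echo "<tr><td>Nazwisko*</td><td width='50%'><input type='textbox' name='nazwisko' maxlength='255' width='100%' class='textbox' value='".$out['nazwisko']."'  /></td></tr>\n";
			echo "<tr><td>Data urodzin*</td><td width='50%'><input type='textbox' name='urodziny' maxlength='255' width='100%' value='$urodziny' class='textbox' /></td></tr>\n";
			// The second option had no value attribute, so browsers submitted the label
			// "Kobieta" instead of 1 and the selection could not be read back.
			echo "<tr><td>Plec*</td><td><select name='plec'><option value='0' ".($result['plec'] == 0 ? "selected='selected'" : "").">Mezczyzna</option><option value='1' ".($result['plec'] == 1 ? "selected='selected'" : "").">Kobieta</option></select></td></tr>\n";
			echo "<tr><td>OZK</td><td><select name='ozk_ranga'>\n";
			foreach($rangi as $key => $element){
				echo "<option value='".$key."' ".($result['ozk_ranga'] == $key ? "selected='selected'" : "")." >".$element."</option>\n";
			}
			echo "</select></td></tr>\n";
			echo "<tr><td>ODB</td><td><select name='odb_ranga'>\n";
			foreach($rangi as $key => $element){
				echo "<option value='".$key."' ".($result['odb_ranga'] == $key ? "selected='selected'" : "")." >".$element."</option>\n";
			}
			echo "</select></td></tr>\n";
			echo "<tr><td>Nazwa uzytkownika</td><td><input type='textbox' name='user_name' maxlength='255' width='100%' class='textbox' value='".$out['uname']."' /></td></tr>\n";
			echo "<tr><td>Zdjecie</td><td>".(($result['zdjecie'] == "default.jpg" || $result['zdjecie'] == "") ? "<input type='file' name='zdjecie' class='textbox' >" : "<input type='hidden' value='no_pht' name='zdj' /><input type='hidden' value='".$out['zdjecie']."' name='zdjecie' />Juz dodano zdjecie <a href='admin.php?delete_pic=".$edit_id."'>Usun</a>")."</td></tr>\n";
			echo "<tr><td><input type='submit' class='button' value='Dodaj' name='submit' /></td></tr>\n";
			echo "</table></form>";
		}

}else{
	// Landing view: links to the installer and to the "add member" form.
	echo "<a href='install.php'>Install database</a><br />";
	echo "<a href='admin.php?set=add'>Dodaj oazowicza</a><br />";
}

closetable();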

require_once THEMES."templates/footer.php";

?>